RSA Security Summit London April 2014 – Keynote 1

First keynote speech of the day, delivered by Brian Fitzgerald, VP RSA Marketing

Security Redefined: Managing risk and securing the business in the age of the third platform

1st platform – 1970s – mainframe / mini computer – Terminals – Very high level of IT control – Millions of users, thousands of apps.

2nd platform – 1990 – LAN / Internet, Client / Server – PC – High level of IT control – Hundreds of millions of users, tens of thousands of apps – IT controlled; Perimeter bound

3rd platform – 2010 – Mobile / Cloud / Big Data / social – Mobile devices – Low level of IT control (especially end points, and cloud hosted solutions) – Billions of users, millions of apps – User centric; Boundaryless

 

Increased complexity and less control increases the need for analytics and intelligence.  Moving more from control to governance.

A new security world – becoming increasingly difficult to secure infrastructure.

Must focus on what is persistent; ensure we have control and visibility of

  • People
  • Flow of data
  • Transactions

A new security approach is required;

–          Move from Prevention (signature based) to Detection (intelligence driven)

Intelligence is a game changer – much data that we do not consider ‘security data’ is or will become security data – key to identifying unusual behaviour in the environment.

RSA’s Focus Areas;

–          Advanced Security Operations; Detecting and stopping advanced threats

–          Identity and Access Management; Securing the interactions between people and information

–          Fraud and Risk Intelligence; Preventing online fraud and cybercrime

–          Governance, Risk and Compliance; Understanding and managing organisational risk

In short IT is becoming increasingly distributed and complex, while at the same time moving out of the direct traditional control of IT and Security.  We must move to improving our visibility and ability to analyse data, along with the incident response people and processes to back this up and deal with the inevitable breaches.

K